In today’s digital age, data is the lifeblood of a business. The databases where companies store this business-critical information have become proverbial bank vaults, holding valuable assets such as customer data, personally identifiable information (PII), Social Security numbers, credit card numbers, corporate financial information, intellectual property and more.
Unfortunately, the high value of these assets also means cybercriminals and nation-states are increasingly targeting those databases. New, complex infrastructures and multicloud environments are making database security more challenging than ever before. Often, businesses spend tremendous amounts of time and money focused on perimeter and network defense while database security gets pushed down the priority list, leading to disastrous breaches that could be avoided.
The Growth Of Enterprise Data In The Digital Age
The volume of data that consumers and businesses generate each day is growing at a record pace. According to research firm IDC, the total volume of digital data people and businesses have created worldwide is approximately 50 zettabytes today and will more than triple to 175 zettabytes by 2025 – and enterprise organizations will create and manage nearly 60% of that.
It’s not only the volume of data that’s increasing, but also its importance. In more than half of Global 2000 firms, revenue growth from information-based products and services is twice the growth rate of revenue from traditional product or service portfolios, and 90% of large enterprises now generate revenue from data as a service.
Businesses use the vast volumes of data they gather to increase sales by predicting what customers will want to purchase, streamline operational processes by increasing efficiencies, drive new product innovations, improve supply chain management and much more. In an eye-opening example, Netflix estimates it saves $1 billion per year on customer retention by using big data to improve the customer experience via its recommendations engine.
Enterprise Databases: The Modern-Day Treasure Chest
Clearly, data is valuable to businesses. Unfortunately, that means it is also a valuable target for malicious hackers. Cybercriminals frequently attack enterprise databases using every trick in their toolbox to try to gain access, including social engineering, phishing, malware, compromised endpoints and user credentials, unpatched vulnerabilities, and more.
They may seek to steal valuable information (e.g., credit card numbers) to use for themselves, or they may opt to conduct ransomware attacks, locking the organization out of its own data stores. No matter the motivation, the resulting breaches can have a crippling effect on businesses. Recent high-profile data breaches have exposed the sensitive PII of millions of consumers, causing hundreds of millions of dollars in lost sales and regulatory fines for businesses, not to mention the immeasurable damage to brand reputation.
While attacks are increasing, the database infrastructure in most organizations is also becoming increasingly complex, with dispersed databases housed across on-premises and cloud-based platforms and hybrid combinations of the two. As more organizations move to multicloud environments, they find that they no longer have full control over the business infrastructure, and ensuring their data is secure becomes more challenging.
Despite the hacking techniques and threats listed above, many data breaches are simply caused by misconfigurations or common mistakes, such as overprivileged user access. In a recent data breach that occurred in the financial services industry, attackers exploited a misconfiguration in the company’s cloud databases to compromise the personal data of more than 100 million customers. In fact, in a recent survey of enterprise IT decision makers, more than 74% of those whose organizations have been breached in the past reported that the data breaches stemmed from privileged credential abuse.
Guarding Your Treasure
To reduce the risk of suffering a catastrophic data breach, organizations must focus on “the last mile” in security and implement database-specific security plans. To do this, businesses must know their assets, control user access and, finally, implement policy-based activity monitoring.
- Assess the current state of your databases
As organizations grow or go through mergers and acquisitions, their database assets and architectures expand and become more complex. Often, security teams are unaware of how their predecessors configured and secured the existing databases. Or worse, they may be blind to the existence of databases sitting live on the network.
These unguarded, rogue databases represent an elevated threat and provide attackers an easier route into the corporate network. Security teams and database administrators must monitor assets down to a granular level and in real time, identifying the type, location, potential vulnerabilities and potential misconfigurations of all data assets.
- Leverage the principle of least privilege
Once an organization has identified all of its data assets, the next step is to ensure that proper access privileges and controls are in place regulating who can log in to specific databases.
By following an access management policy of least privilege, businesses can help ensure that users can access only the databases and perform only the actions necessary for their job roles. This limits an organization’s risk of unauthorized access, whether from within an organization or from external attackers. User access privileges should be checked regularly, ideally in real time, to help identify signs of suspicious activity.
- Incorporate policy-based activity monitoring
Monitoring can detect potential threats and reveal user accounts that have not been used for a long time and should potentially have access privileges revoked. Yet, all this monitoring can be a time-consuming process for businesses. Database activity monitoring technologies enable organizations to automate the process and notify security teams when policy violations occur, saving hours of work while helping prevent serious threats.
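The three steps above can be combined into one automated review. The sketch below is an added example, not code from the original article: it checks database grants against a known-asset inventory and a per-role least-privilege policy, and flags accounts that have not logged in recently. Every name and record in it is hypothetical, constructed sample data.

```python
from datetime import datetime, timedelta

# Constructed sample data; every name below is hypothetical.
NOW = datetime(2024, 6, 1)                 # fixed review date so results are reproducible
INVENTORY = {"crm", "billing"}             # databases the security team knows about
ROLE_POLICY = {                            # job role -> permitted (database, action)
    "support": {("crm", "SELECT")},
    "finance": {("billing", "SELECT"), ("billing", "UPDATE")},
}
ACCOUNTS = {                               # user -> (job role, last login)
    "alice": ("support", datetime(2024, 5, 28)),
    "bob":   ("finance", datetime(2023, 11, 2)),
    "carol": ("support", datetime(2024, 5, 30)),
}
GRANTS = [                                 # (user, database, action)
    ("alice", "crm", "SELECT"),
    ("alice", "billing", "SELECT"),        # outside the support role
    ("bob", "billing", "UPDATE"),
    ("carol", "crm", "SELECT"),
    ("carol", "legacy_hr", "SELECT"),      # database missing from the inventory
    ("dave", "crm", "DELETE"),             # grant with no matching account record
]

def review(grants, accounts, policy, inventory, now, max_idle_days=90):
    """Return sorted (user, finding, detail) tuples, one per policy violation."""
    findings = set()
    for user, db, action in grants:
        if db not in inventory:            # step 1: asset nobody has assessed
            findings.add((user, "unknown_database", db))
        if user not in accounts:           # grant that outlived its owner
            findings.add((user, "orphaned_grant", f"{db}:{action}"))
            continue
        role, _ = accounts[user]
        if (db, action) not in policy.get(role, set()):   # step 2: least privilege
            findings.add((user, "excess_privilege", f"{db}:{action}"))
    cutoff = now - timedelta(days=max_idle_days)
    for user, (_, last_login) in accounts.items():        # step 3: unused accounts
        if last_login < cutoff:
            findings.add((user, "dormant_account", last_login.date().isoformat()))
    return sorted(findings)

if __name__ == "__main__":
    for finding in review(GRANTS, ACCOUNTS, ROLE_POLICY, INVENTORY, NOW):
        print(finding)
```

In practice the grants and last-login times would come from each database's own catalog and audit records rather than literals, and the findings would feed the alerting that notifies the security team.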
Data drives the global economy, yet database security remains one of the least discussed and least focused-on areas in cybersecurity. As cybercriminals look to capitalize on the growing complexities surrounding housing and accessing data, enterprises must look well beyond the perimeter and focus on better protecting assets housed within the last mile.